/**
 * Build the SQL condition that matches an e-mail address against a column.
 *
 * The address is passed through hesk_dbLike() and hesk_dbEscape() before it
 * is placed inside the LIKE patterns. When the `multi_eml` setting is on, the
 * column is treated as a comma-separated list and the address may match the
 * whole value, the last entry, the first entry or a middle entry.
 *
 * NOTE(review): $field is wrapped in backticks after hesk_dbEscape(); whether
 * that helper neutralises a backtick is not visible here, so callers should
 * only pass fixed column names - confirm no caller forwards request data.
 *
 * @param string $email Address to look for.
 * @param string $field Column name to compare against.
 * @return string SQL fragment, padded with a leading and a trailing space.
 */
function hesk_dbFormatEmail($email, $field = 'email')
{
    global $hesk_settings;

    $pattern = hesk_dbEscape(hesk_dbLike($email));
    $column = '`' . hesk_dbEscape($field) . '`';

    // Single-address mode: one plain comparison
    if (!$hesk_settings['multi_eml']) {
        return " {$column} LIKE '{$pattern}' ";
    }

    // Multi-address mode: exact value, last entry, first entry, middle entry
    return " ({$column} LIKE '{$pattern}'"
        . " OR {$column} LIKE '%,{$pattern}'"
        . " OR {$column} LIKE '{$pattern},%'"
        . " OR {$column} LIKE '%,{$pattern},%') ";
}
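/**
 * Run the schema clean-up statements listed below: drop a set of columns and
 * tables from the prefixed HESK tables.
 *
 * Statements are passed to executeQuery() one at a time, in the order given.
 *
 * NOTE(review): every statement here is destructive and irreversible; the
 * caller is presumably an admin-only maintenance path - confirm it is gated
 * and that a backup step precedes it.
 */
function removeOtherColumns()
{
    // Without this declaration $hesk_settings is an undefined local, the
    // prefix evaluates to empty and the statements target unprefixed tables.
    global $hesk_settings;

    $prefix = hesk_dbEscape($hesk_settings['db_pfix']);

    // NOTE(review): the two ALTERs on `stage_tickets` are issued after that
    // table has been dropped; how executeQuery() reacts to the resulting
    // error is not visible here. Order kept as in the original.
    $statements = array(
        "ALTER TABLE `{$prefix}users` DROP COLUMN `autorefresh`",
        "ALTER TABLE `{$prefix}tickets` DROP COLUMN `parent`",
        "ALTER TABLE `{$prefix}users` DROP COLUMN `can_manage_settings`",
        "ALTER TABLE `{$prefix}users` DROP COLUMN `active`",
        "ALTER TABLE `{$prefix}users` DROP COLUMN `notify_note_unassigned`",
        "ALTER TABLE `{$prefix}users` DROP COLUMN `can_change_notification_settings`",
        "DROP TABLE `{$prefix}settings`",
        "DROP TABLE `{$prefix}verified_emails`",
        "DROP TABLE `{$prefix}pending_verification_emails`",
        "DROP TABLE `{$prefix}stage_tickets`",
        "ALTER TABLE `{$prefix}service_messages` DROP COLUMN `icon`",
        "ALTER TABLE `{$prefix}tickets` DROP COLUMN `latitude`",
        "ALTER TABLE `{$prefix}tickets` DROP COLUMN `longitude`",
        "ALTER TABLE `{$prefix}stage_tickets` DROP COLUMN `latitude`",
        "ALTER TABLE `{$prefix}stage_tickets` DROP COLUMN `longitude`",
        "ALTER TABLE `{$prefix}categories` DROP COLUMN `manager`",
        "ALTER TABLE `{$prefix}users` DROP COLUMN `permission_template`",
        "DROP TABLE `{$prefix}permission_templates`",
        // These queries are run in case an earlier installation did not
        // clean up its tables properly
        "DROP TABLE IF EXISTS `{$prefix}denied_ips`",
        "DROP TABLE IF EXISTS `{$prefix}denied_emails`",
    );

    foreach ($statements as $statement) {
        executeQuery($statement);
    }
}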
</tr> <tr> <td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td> <td class="roundcornersbottom"></td> <td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td> </tr> </table> <?php /* Print "Submit a reply" form? */ if ($ticket['locked'] != 1 && $ticket['status'] != 3 && !$hesk_settings['reply_top']) { hesk_printCustomerReplyForm(); } /* If needed update unread replies as read for staff to know */ if (count($unread_replies)) { hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `read` = '1' WHERE `id` IN ('" . implode("','", $unread_replies) . "')"); } /* Clear unneeded session variables */ hesk_cleanSessionVars('ticket_message'); require_once HESK_PATH . 'inc/footer.inc.php'; /*** START FUNCTIONS ***/ function print_form() { global $hesk_settings, $hesklang; global $hesk_error_buffer, $my_email, $trackingID, $do_remember, $display; /* Print header */ $hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['view_ticket']; require_once HESK_PATH . 'inc/header.inc.php'; ?> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr>
/**
 * Validate the submitted profile form and, when it is valid, save it for the
 * logged-in user.
 *
 * New values are staged in $_SESSION['new']. If any check fails, the collected
 * messages are handed to hesk_process_messages() with 'NOREDIRECT'. Otherwise
 * one UPDATE is run on the users table for the row whose id is $_SESSION['id'],
 * the staged values are copied into $_SESSION and a success message is shown.
 */
function update_profile()
{
    global $hesk_settings, $hesklang, $can_view_unassigned;

    /* A security check: the form token must arrive by POST */
    hesk_token_check('POST');

    $sql_pass = '';
    $sql_username = '';
    $hesk_error_buffer = '';

    $_SESSION['new']['name'] = hesk_input(hesk_POST('name')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_your_name'] . '</li>';
    // NOTE(review): this assigns with "=" where every other check appends with
    // ".=", so an earlier "enter your name" error is overwritten here.
    $_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer = '<li>' . $hesklang['enter_valid_email'] . '</li>';
    $_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));

    /* Signature: length is measured on the value returned by hesk_input() */
    if (strlen($_SESSION['new']['signature']) > 255) {
        $hesk_error_buffer .= '<li>' . $hesklang['signature_long'] . '</li>';
    }

    /* Admins can change username */
    if ($_SESSION['isadmin']) {
        $_SESSION['new']['user'] = hesk_input(hesk_POST('user')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_username'] . '</li>';

        /* Check for duplicate usernames among all other accounts */
        $result = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user`='" . hesk_dbEscape($_SESSION['new']['user']) . "' AND `id`!='" . intval($_SESSION['id']) . "' LIMIT 1");
        if (hesk_dbNumRows($result) != 0) {
            $hesk_error_buffer .= '<li>' . $hesklang['duplicate_user'] . '</li>';
        } else {
            // NOTE(review): the "******" in this literal looks like redaction
            // applied to this listing rather than program text. The UPDATE
            // below interpolates {$sql_username} directly after the signature
            // assignment, so the fragment has to start with a comma and name
            // the column - restore it from the upstream file.
            $sql_username = "******" . hesk_dbEscape($_SESSION['new']['user']) . "'";
        }
    }

    /* Change password? An empty field leaves the stored password untouched */
    // NOTE(review): the password passes through hesk_input() before it is
    // measured and hashed; what that helper changes is not visible here.
    $newpass = hesk_input(hesk_POST('newpass'));
    $passlen = strlen($newpass);
    if ($passlen > 0) {
        /* At least 5 chars? */
        if ($passlen < 5) {
            $hesk_error_buffer .= '<li>' . $hesklang['password_not_valid'] . '</li>';
        } else {
            $newpass2 = hesk_input(hesk_POST('newpass2'));
            // NOTE(review): "!=" is a loose comparison; two different
            // numeric-looking strings can compare equal. "!==" would be exact.
            if ($newpass != $newpass2) {
                $hesk_error_buffer .= '<li>' . $hesklang['passwords_not_same'] . '</li>';
            } else {
                $v = hesk_Pass2Hash($newpass);
                // The new hash is compared with one fixed hash value and
                // WARN_PASSWORD is defined on a match - presumably the hash of
                // a well-known default password; confirm against upstream.
                if ($v == '499d74967b28a841c98bb4baaabaad699ff3c079') {
                    define('WARN_PASSWORD', true);
                }
                // NOTE(review): "******" here is again listing redaction; as
                // printed, this line does not parse. Restore the original
                // fragment from the upstream file.
                $sql_pass = '******'' . $v . '\'';
            }
        }
    }

    /* After reply: only 1 and 2 are accepted, anything else becomes 0 */
    $_SESSION['new']['afterreply'] = intval(hesk_POST('afterreply'));
    if ($_SESSION['new']['afterreply'] != 1 && $_SESSION['new']['afterreply'] != 2) {
        $_SESSION['new']['afterreply'] = 0;
    }

    /* Auto-start ticket timer */
    $_SESSION['new']['autostart'] = isset($_POST['autostart']) ? 1 : 0;

    /* Notifications: the two "unassigned" flags are forced to 0 when
       $can_view_unassigned is false, whatever the form submitted */
    $_SESSION['new']['notify_new_unassigned'] = empty($_POST['notify_new_unassigned']) || !$can_view_unassigned ? 0 : 1;
    $_SESSION['new']['notify_new_my'] = empty($_POST['notify_new_my']) ? 0 : 1;
    $_SESSION['new']['notify_reply_unassigned'] = empty($_POST['notify_reply_unassigned']) || !$can_view_unassigned ? 0 : 1;
    $_SESSION['new']['notify_reply_my'] = empty($_POST['notify_reply_my']) ? 0 : 1;
    $_SESSION['new']['notify_assigned'] = empty($_POST['notify_assigned']) ? 0 : 1;
    $_SESSION['new']['notify_note'] = empty($_POST['notify_note']) ? 0 : 1;
    $_SESSION['new']['notify_pm'] = empty($_POST['notify_pm']) ? 0 : 1;

    /* Any errors? */
    if (strlen($hesk_error_buffer)) {
        /* Process the session variables */
        $_SESSION['new'] = hesk_stripArray($_SESSION['new']);

        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
    } else {
        /* Update database: text values go through hesk_dbEscape(), flags
           through intval(); the row is selected by the session's own id */
        hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET\r\n\t `name`='" . hesk_dbEscape($_SESSION['new']['name']) . "',\r\n\t `email`='" . hesk_dbEscape($_SESSION['new']['email']) . "',\r\n\t\t`signature`='" . hesk_dbEscape($_SESSION['new']['signature']) . "'\r\n {$sql_username}\r\n\t\t{$sql_pass} ,\r\n\t `afterreply`='" . intval($_SESSION['new']['afterreply']) . "' ,\r\n `autostart`='" . intval($_SESSION['new']['autostart']) . "' ,\r\n\t `notify_new_unassigned`='" . intval($_SESSION['new']['notify_new_unassigned']) . "' ,\r\n `notify_new_my`='" . intval($_SESSION['new']['notify_new_my']) . "' ,\r\n `notify_reply_unassigned`='" . intval($_SESSION['new']['notify_reply_unassigned']) . "' ,\r\n `notify_reply_my`='" . intval($_SESSION['new']['notify_reply_my']) . "' ,\r\n `notify_assigned`='" . intval($_SESSION['new']['notify_assigned']) . "' ,\r\n `notify_pm`='" . intval($_SESSION['new']['notify_pm']) . "',\r\n `notify_note`='" . intval($_SESSION['new']['notify_note']) . "'\r\n\t WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1");

        /* Process the session variables */
        $_SESSION['new'] = hesk_stripArray($_SESSION['new']);

        /* Update session variables: every staged key is copied to the top
           level of $_SESSION; the keys are the ones assigned above */
        foreach ($_SESSION['new'] as $k => $v) {
            $_SESSION[$k] = $v;
        }
        unset($_SESSION['new']);

        hesk_process_messages($hesklang['profile_updated_success'], 'profile.php', 'SUCCESS');
    }
}
define('HESK_PATH', '../');

/* Load the settings file, the shared helpers and the admin helpers */
require HESK_PATH . 'hesk_settings.inc.php';
require HESK_PATH . 'inc/common.inc.php';
require HESK_PATH . 'inc/admin_functions.inc.php';
hesk_load_database_functions();

/* A logged-in staff session is required from here on */
hesk_session_start();
hesk_dbConnect();
hesk_isLoggedIn();

/* All three permissions are checked before anything is changed */
hesk_checkPermission('can_view_tickets');
hesk_checkPermission('can_reply_tickets');
hesk_checkPermission('can_edit_tickets');

/* The request changes state, so the anti-forgery token is checked as well */
hesk_token_check();

/* Ticket ID */
$trackingID = hesk_cleanID() or die($hesklang['int_error'] . ': ' . $hesklang['no_trackID']);

/* New lock flag, the message to show, and the history line to append */
if (!empty($_GET['locked'])) {
    $status = 1;
    $tmp = $hesklang['tlock'];
    $revision = sprintf($hesklang['thist5'], hesk_date(), sprintf('%s (%s)', $_SESSION['name'], $_SESSION['user']));
} else {
    $status = 0;
    $tmp = $hesklang['tunlock'];
    $revision = sprintf($hesklang['thist6'], hesk_date(), sprintf('%s (%s)', $_SESSION['name'], $_SESSION['user']));
}

/* Update database.
   NOTE(review): `status` is written as '3' in both branches, so unlocking
   also sets that status - confirm this is intended. */
hesk_dbQuery(sprintf(
    "UPDATE `%stickets` SET `status`='3',`locked`='%d', `history`=CONCAT(`history`,'%s') WHERE `trackid`='%s' LIMIT 1",
    hesk_dbEscape($hesk_settings['db_pfix']),
    $status,
    hesk_dbEscape($revision),
    hesk_dbEscape($trackingID)
));

/* Back to the ticket page with a success message; the random Refresh value
   only makes the URL unique and carries no security meaning */
$refresh = rand(10000, 99999);
hesk_process_messages($tmp, 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . $refresh, 'SUCCESS');
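// Message payload handed to the ERP; its fields are filled in at the end of
// this section
$params = array();

// Positional arguments; slot 0 carries the ticket id
$params1[0] = $ticket['id'];

// Find the ERP issue whose helpdesk_id equals this ticket id
$data = $oeapi->search_helpdeskID($valid_services["PIS"], $ticket['id']);

// Ermedita - build the list of e-mail addresses of the staff linked to the issue.
// The ids below are placed into SQL without quotes, so each one is cast to
// an integer before it is concatenated.
$issue_id = hesk_dbQuery("SELECT `contract_ticket_id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`=" . intval($ticket['id']));
$i_id = mysqli_fetch_array($issue_id);

// No matching ticket row yields contract id 0 instead of a malformed query
$contract_id = $i_id ? intval($i_id[0]) : 0;

$users = hesk_dbQuery("SELECT `userId` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "userforcontract` WHERE `contractId`=" . $contract_id);
$u = array();
while ($user = mysqli_fetch_array($users)) {
    $u[] = intval($user['userId']);
}
$ulist = implode(',', $u);

// An empty id list would produce "IN ()", which is not valid SQL; skip the
// lookup in that case and leave the address list empty
$array_email = array();
if ($u) {
    $u_emails = hesk_dbQuery("SELECT `email` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id` IN (" . $ulist . ")");
    while ($e = mysqli_fetch_array($u_emails)) {
        $array_email[] = $e['email'];
    }
}
$ulist_emails = implode(',', $array_email);

$params['subject'] = $ticket['subject'];
// The ERP will create a default user; its id is to be placed here
$params['user_id'] = 11;
$params['body_text'] = stripslashes($message);
$params['date'] = hesk_date($ticket['dt'], true);
// NOTE(review): $data[0] is read without checking that the lookup returned a row
$params['res_id'] = $data[0];
$params['model'] = "project.issue";
$params['email_from'] = $ticket['email'];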
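/**
 * Handle the "forgot tracking ID" form: look up the tickets filed under the
 * submitted e-mail address and mail their tracking IDs to that address.
 *
 * An invalid address, or an address with no matching tickets, is reported
 * through hesk_process_messages() with a redirect back to the reminder form.
 * On success the list is mailed with hesk_mail() and a confirmation is shown.
 *
 * NOTE(review): the "no tickets" and "sent" outcomes show different messages,
 * which tells the requester whether an address has tickets on file. A single
 * neutral confirmation would avoid that; left unchanged here because it alters
 * user-visible behaviour.
 */
function forgot_tid()
{
    global $hesk_settings, $hesklang;

    require HESK_PATH . 'inc/email_functions.inc.php';

    $email = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or hesk_process_messages($hesklang['enter_valid_email'], 'ticket.php?remind=1');

    // The address is placed into redirect URLs below. Encoding it keeps
    // characters such as "+" and "&" intact as one query value, the same way
    // $email_param already does for the mailed links.
    $email_query = rawurlencode($email);

    if (isset($_POST['open_only'])) {
        $hesk_settings['open_only'] = $_POST['open_only'] == 1 ? 1 : 0;
    }

    /* Prepare ticket statuses */
    $my_status = array(
        0 => $hesklang['open'],
        1 => $hesklang['wait_staff_reply'],
        2 => $hesklang['wait_cust_reply'],
        3 => $hesklang['closed'],
        4 => $hesklang['in_progress'],
        5 => $hesklang['on_hold'],
    );

    /* Get ticket(s) from database */
    hesk_load_database_functions();
    hesk_dbConnect();

    // The address reaches the query only through hesk_dbFormatEmail()
    $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets` FORCE KEY (`statuses`) WHERE ' . ($hesk_settings['open_only'] ? "`status` IN ('0','1','2','4','5') AND " : '') . ' ' . hesk_dbFormatEmail($email) . ' ORDER BY `status` ASC, `lastchange` DESC ');

    $num = hesk_dbNumRows($res);
    if ($num < 1) {
        if ($hesk_settings['open_only']) {
            hesk_process_messages($hesklang['noopen'], 'ticket.php?remind=1&e=' . $email_query);
        } else {
            hesk_process_messages($hesklang['tid_not_found'], 'ticket.php?remind=1&e=' . $email_query);
        }
    }

    $tid_list = '';
    $name = '';

    // Links in the mail carry the address only when the setting asks for it
    $email_param = $hesk_settings['email_view_ticket'] ? '&e=' . $email_query : '';

    while ($my_ticket = hesk_dbFetchAssoc($res)) {
        // The customer name is taken from the first row that has one
        $name = $name ? $name : hesk_msgToPlain($my_ticket['name'], 1, 0);
        $tid_list .= "\n{$hesklang['trackID']}: " . $my_ticket['trackid']
            . "\n{$hesklang['subject']}: " . hesk_msgToPlain($my_ticket['subject'], 1, 0)
            . "\n{$hesklang['status']}: " . $my_status[$my_ticket['status']]
            . "\n{$hesk_settings['hesk_url']}/ticket.php?track={$my_ticket['trackid']}{$email_param}\n";
    }

    /* Get e-mail message for customer and fill in its placeholders */
    $msg = hesk_getEmailMessage('forgot_ticket_id', '', 0, 0, 1);
    $msg = str_replace('%%NAME%%', $name, $msg);
    $msg = str_replace('%%NUM%%', $num, $msg);
    $msg = str_replace('%%LIST_TICKETS%%', $tid_list, $msg);
    $msg = str_replace('%%SITE_TITLE%%', hesk_msgToPlain($hesk_settings['site_title'], 1), $msg);
    $msg = str_replace('%%SITE_URL%%', $hesk_settings['site_url'], $msg);

    $subject = hesk_getEmailSubject('forgot_ticket_id');

    /* Send e-mail: the list goes only to the address it was looked up for */
    hesk_mail($email, $subject, $msg);

    /* Show success message */
    $tmp = '<b>' . $hesklang['tid_sent'] . '!</b>';
    $tmp .= '<br /> <br />' . $hesklang['tid_sent2'] . '.';
    $tmp .= '<br /> <br />' . $hesklang['check_spambox'];
    hesk_process_messages($tmp, 'ticket.php?e=' . $email_query, 'SUCCESS');
    exit;
}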
define('IN_SCRIPT', 1); define('HESK_PATH', '../'); /* Get all the required files and functions */ require HESK_PATH . 'hesk_settings.inc.php'; require HESK_PATH . 'inc/common.inc.php'; require HESK_PATH . 'inc/admin_functions.inc.php'; hesk_load_database_functions(); hesk_session_start(); hesk_dbConnect(); hesk_isLoggedIn(); /* Print XML header */ header('Content-Type: text/html; charset=' . $hesklang['ENCODING']); /* Get the search query composed of the subject and message */ $query = hesk_REQUEST('q') or die(''); /* Get relevant articles from the database, include private ones */ $res = hesk_dbQuery("SELECT `id`, `subject`, `content` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `type` IN ('0','1') AND MATCH(`subject`,`content`,`keywords`) AGAINST ('" . hesk_dbEscape($query) . "') LIMIT " . intval($hesk_settings['kb_search_limit'])); $num = hesk_dbNumRows($res); /* Solve some spacing issues */ if (hesk_isREQUEST('p')) { echo ' <br />'; } /* Return found articles */ ?> <div class="conatiner notice"> <span style="font-size:12px;font-weight:bold"><?php echo $hesklang['sc']; ?> :</span><br /> <br /> <?php if (!$num) { echo '<i>' . $hesklang['nsfo'] . '</i>';
break; case 'subject': $sql .= "`subject` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' "; break; case 'message': $sql .= " ( `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "'\n \t\tOR\n `id` IN (\n \t\tSELECT DISTINCT `replyto`\n \tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies`\n \tWHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )\n )\n "; break; case 'seqid': $sql .= "`id` = '" . intval($q) . "' "; break; case 'notes': $sql .= "`id` IN (\n \t\tSELECT DISTINCT `ticket`\n \tFROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "notes`\n \tWHERE `message` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' )\n \t"; break; default: if (isset($hesk_settings['custom_fields'][$what]) && $hesk_settings['custom_fields'][$what]['use']) { $sql .= "`" . hesk_dbEscape($what) . "` LIKE '%" . hesk_dbEscape($q) . "%' COLLATE '" . hesk_dbEscape($hesklang['_COLLATE']) . "' "; } else { $hesk_error_buffer .= '<br />' . $hesklang['invalid_search']; } } } // Owner if ($tmp = intval(hesk_GET('owner', 0))) { $sql .= " AND `owner`={$tmp} "; $owner_input = $tmp; $hesk_error_buffer = str_replace($hesklang['fsq'], '', $hesk_error_buffer); } else { $owner_input = 0; } /* Date */ /* -> Check for compatibility with old date format */
/**
 * Print the paginated list of private messages for the current mail folder.
 *
 * Counts the messages that belong to $_SESSION['id'] in the folder column
 * named by $hesk_settings['mailtmp']['this'], prints page links when there is
 * more than one page, then prints the message table and the bulk-action form.
 * When there are no messages a single notice is printed instead.
 */
function mail_list_messages()
{
    global $hesk_settings, $hesklang, $admins;

    $href = 'mail.php';
    $query = '';
    if ($hesk_settings['mailtmp']['folder'] == 'outbox') {
        $query .= 'folder=outbox&';
    }
    $query .= 'page=';

    // Messages shown per page
    $maxresults = 30;

    // NOTE(review): the page number is read from POST, while the page links
    // printed below carry it in the query string - confirm how the value
    // reaches hesk_POST().
    $tmp = intval(hesk_POST('page', 1));
    $page = $tmp > 1 ? $tmp : 1;

    /* List of private messages */
    // The column name comes from $hesk_settings['mailtmp']['this'] -
    // presumably set by the caller to a fixed value; it is compared with 'to'
    // further down. Row ownership is bound to the session id via intval().
    $res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "'");
    $total = hesk_dbResult($res, 0, 0);
    if ($total > 0) {
        $pages = ceil($total / $maxresults) or $pages = 1;
        // A page number past the end is clamped to the last page
        if ($page > $pages) {
            $page = $pages;
        }
        // Offset of the first row on this page
        $limit_down = $page * $maxresults - $maxresults;
        // 0 means "no such page" for both neighbours
        $prev_page = $page - 1 <= 0 ? 0 : $page - 1;
        $next_page = $page + 1 > $pages ? 0 : $page + 1;
        if ($pages > 1) {
            echo $hesklang['pg'] . ': ';
            /* List pages: first/previous shortcuts only from 7 pages up */
            if ($pages >= 7) {
                if ($page > 2) {
                    echo '<a href="' . $href . '?' . $query . '1"><b>«</b></a> ';
                }
                if ($prev_page) {
                    echo '<a href="' . $href . '?' . $query . $prev_page . '"><b>‹</b></a> ';
                }
            }
            // Only pages within 5 of the current one are printed
            for ($i = 1; $i <= $pages; $i++) {
                if ($i <= $page + 5 && $i >= $page - 5) {
                    if ($i == $page) {
                        echo ' <b>' . $i . '</b> ';
                    } else {
                        echo ' <a href="' . $href . '?' . $query . $i . '">' . $i . '</a> ';
                    }
                }
            }
            if ($pages >= 7) {
                if ($next_page) {
                    echo ' <a href="' . $href . '?' . $query . $next_page . '"><b>›</b></a> ';
                }
                if ($page < $pages - 1) {
                    echo ' <a href="' . $href . '?' . $query . $pages . '"><b>»</b></a>';
                }
            }
            echo '<br /> ';
        } // end PAGES > 1

        // Get messages from the database; both LIMIT operands are cast to int
        $res = hesk_dbQuery("SELECT `id`, `from`, `to`, `subject`, `dt`, `read` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' ORDER BY `id` DESC LIMIT " . intval($limit_down) . " , " . intval($maxresults) . " ");
        ?> <form action="mail.php<?php if ($hesk_settings['mailtmp']['folder'] == 'outbox') { echo '?folder=outbox'; } ?> " name="form1" method="post"> <div class="container table-responsive"> <table class="table table-bordered table-hover" style="background: #E0EEEE;"> <tr> <th class="admin_white" style="width:1px"><input type="checkbox" name="checkall" value="2" onclick="hesk_changeAll(this)" /></th> <th class="admin_white" style="text-align:left; white-space:nowrap;"><?php echo $hesklang['m_sub']; ?> </th> <th class="admin_white" style="text-align:left; white-space:nowrap;"><?php echo $hesk_settings['mailtmp']['m_from']; ?> </th> <th class="admin_white" style="text-align:left; white-space:nowrap;"><?php echo $hesklang['date']; ?> </th> </tr> <?php
        // $i alternates between 0 and 1 to pick the row colour class
        $i = 0;
        while ($pm = hesk_dbFetchAssoc($res)) {
            if ($i) {
                $color = "admin_gray";
                $i = 0;
            } else {
                $color = "admin_white";
                $i = 1;
            }
            // NOTE(review): the stored subject is placed into HTML as-is in
            // this function - presumably it was escaped when the message was
            // saved; verify against the code that writes the `mail` table.
            $pm['subject'] = '<a href="mail.php?a=read&id=' . $pm['id'] . '">' . $pm['subject'] . '</a>';
            // Unread messages in the inbox are shown in bold
            if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
                $pm['subject'] = '<b>' . $pm['subject'] . '</b>';
            }
            // Name of the other party: a known staff member, the built-in
            // sender id 9999, or the "deleted user" label.
            // NOTE(review): $admins values are printed without escaping here;
            // confirm they are escaped where $admins is built.
            $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&id=' . $pm[$hesk_settings['mailtmp']['other']] . '">' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '</a>' : ($pm['from'] == 9999 ? '<a href="http://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
            $pm['dt'] = hesk_dateToString($pm['dt'], 0, 0, 0, true);
            echo <<<EOC
\t\t\t\t\t<tr>
\t\t\t\t\t<td class="{$color}" style="text-align:left; white-space:nowrap;"><input type="checkbox" name="id[]" value="{$pm['id']}" /> </td>
\t\t\t\t\t<td class="{$color}">{$pm['subject']}</td>
\t\t\t\t\t<td class="{$color}">{$pm['name']}</td>
\t\t\t\t\t<td class="{$color}">{$pm['dt']}</td>
\t\t\t\t\t</tr>
EOC;
        } // End while
        // The bulk-action form below carries the anti-forgery token as a hidden field
        ?> </table><!-- end table table-bordered table-hover table-responsive --> </div> <div class="container" align="right"><select name="a"> <?php if ($hesk_settings['mailtmp']['this'] == 'to') { ?> <option value="mark_read" selected="selected"><?php echo $hesklang['mo1']; ?> </option> <option value="mark_unread"><?php echo $hesklang['mo2']; ?> </option> <?php } ?> <option value="delete"><?php echo $hesklang['mo3']; ?> </option> </select> <input type="hidden" name="token" value="<?php hesk_token_echo(); ?> " /> <input type="submit" value="<?php echo $hesklang['execute']; ?> " onclick="Javascript:if (document.form1.a.value=='delete') return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['mo3']); ?> ?');" class="btn btn-default" /> </form> <br/><br/> </div> <?php
    } else {
        // No messages in this folder
        echo '<div class="container"><i>' . $hesklang['npm'] . '</i></div><br/>';
    }
}
/**
 * Switch a category between the two values of its `type` column.
 *
 * The category id is read from the `catid` query parameter and the target
 * type from `s` (non-zero selects type 1, otherwise type 0). The request must
 * carry a valid token. The result is reported through hesk_process_messages()
 * with a redirect to the category management page.
 */
function toggle_type()
{
    global $hesk_settings, $hesklang;

    /* The request changes state, so the token is checked first */
    hesk_token_check();

    $catid = intval(hesk_GET('catid')) or hesk_error($hesklang['cat_move_id']);
    $_SESSION['selcat2'] = $catid;

    /* Target type and the message that goes with it */
    $wants_type_one = intval(hesk_GET('s')) ? true : false;
    $type = $wants_type_one ? 1 : 0;
    $tmp = $wants_type_one ? $hesklang['cpriv'] : $hesklang['cpub'];

    /* Write the new type; both values are integers when they reach the SQL */
    hesk_dbQuery(sprintf(
        "UPDATE `%scategories` SET `type`='%d' WHERE `id`='%d' LIMIT 1",
        hesk_dbEscape($hesk_settings['db_pfix']),
        $type,
        $catid
    ));

    // NOTE(review): anything other than exactly one affected row is reported
    // as "category not found"; whether an update that leaves the value
    // unchanged counts as an affected row depends on hesk_dbAffectedRows().
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    hesk_process_messages($tmp, './manage_categories.php', 'SUCCESS');
}
function hesk_iTables() { global $hesk_settings; // -> Attachments hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "attachments` (\n `att_id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n `ticket_id` varchar(13) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `saved_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `real_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `size` int(10) unsigned NOT NULL DEFAULT '0',\n `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n PRIMARY KEY (`att_id`),\n KEY `ticket_id` (`ticket_id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Banned emails hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_emails` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `email` varchar(255) NOT NULL,\n `banned_by` smallint(5) unsigned NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n PRIMARY KEY (`id`),\n KEY `email` (`email`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8\n"); // -> Banned IPs hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_ips` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `ip_from` int(10) unsigned NOT NULL DEFAULT '0',\n `ip_to` int(10) unsigned NOT NULL DEFAULT '0',\n `ip_display` varchar(100) NOT NULL,\n `banned_by` smallint(5) unsigned NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8\n"); // -> Categories hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"categories` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `name` varchar(60) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `cat_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n `autoassign` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `priority` enum('0','1','2','3') COLLATE utf8_unicode_ci NOT NULL DEFAULT '3',\n PRIMARY KEY (`id`),\n KEY `type` (`type`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // ---> Insert default category hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` (`id`, `name`, `cat_order`) VALUES (1, 'General', 10)"); // -> KB Articles hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `catid` smallint(5) unsigned NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `author` smallint(5) unsigned NOT NULL,\n `subject` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n `content` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `keywords` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `rating` float NOT NULL DEFAULT '0',\n `votes` mediumint(8) unsigned NOT NULL DEFAULT '0',\n `views` mediumint(8) unsigned NOT NULL DEFAULT '0',\n `type` enum('0','1','2') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `html` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `sticky` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `art_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n `history` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n PRIMARY KEY (`id`),\n KEY `catid` (`catid`),\n KEY `sticky` (`sticky`),\n KEY `type` (`type`),\n FULLTEXT KEY `subject` (`subject`,`content`,`keywords`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> KB Attachments hesk_dbQuery("\nCREATE TABLE `" . 
hesk_dbEscape($hesk_settings['db_pfix']) . "kb_attachments` (\n `att_id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n `saved_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `real_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `size` int(10) unsigned NOT NULL DEFAULT '0',\n PRIMARY KEY (`att_id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> KB Categories hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n `parent` smallint(5) unsigned NOT NULL,\n `articles` smallint(5) unsigned NOT NULL DEFAULT '0',\n `articles_private` smallint(5) unsigned NOT NULL DEFAULT '0',\n `articles_draft` smallint(5) unsigned NOT NULL DEFAULT '0',\n `cat_order` smallint(5) unsigned NOT NULL,\n `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`),\n KEY `type` (`type`),\n KEY `parent` (`parent`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // ---> Insert default KB category hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` (`id`, `name`, `parent`, `cat_order`, `type`) VALUES (1, 'Knowledgebase', 0, 10, '0')"); // -> Login attempts hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "logins` (\n `ip` varchar(45) COLLATE utf8_unicode_ci NOT NULL,\n `number` tinyint(3) unsigned NOT NULL DEFAULT '1',\n `last_attempt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n UNIQUE KEY `ip` (`ip`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Private messages hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"mail` (\n `id` int(10) unsigned NOT NULL AUTO_INCREMENT,\n `from` smallint(5) unsigned NOT NULL,\n `to` smallint(5) unsigned NOT NULL,\n `subject` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `read` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `deletedby` smallint(5) unsigned NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`),\n KEY `from` (`from`),\n KEY `to` (`to`,`read`,`deletedby`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // ---> Insert rate this script email hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (1, 9999, 1, 'Rate this script', '<div style=\"text-align:justify;padding:3px\">\r\n\r\n<p style=\"color:green;font-weight:bold\">Enjoy using HESK? Please let others know!</p>\r\n\r\n<p>You are invited to rate HESK or even write a short review here:<br /> <br /><img src=\"../img/link.png\" width=\"16\" height=\"16\" border=\"0\" alt=\"\" style=\"vertical-align:text-bottom\" /> <a href=\"http://www.hotscripts.com/Detailed/46973.html\" target=\"_blank\">Rate this script @ Hot Scripts</a><br /> <br /><img src=\"../img/link.png\" width=\"16\" height=\"16\" border=\"0\" alt=\"\" style=\"vertical-align:text-bottom\" /> <a href=\"http://php.resourceindex.com/detail/04946.html\" target=\"_blank\">Rate this script @ The PHP Resource Index</a></p>\r\n\r\n<p>Thank you,<br /> <br />Klemen,<br />\r\n<a href=\"http://www.hesk.com/\" target=\"_blank\">www.hesk.com</a>\r\n\r\n<p> </p>', NOW(), '0', 9999)"); // ---> Insert welcome email hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (`id`, `from`, `to`, `subject`, `message`, `dt`, `read`, `deletedby`) VALUES (2, 9999, 1, 'Welcome to HESK! 
Here are some quick tips...', '<p style=\"color:green;font-weight:bold\">HESK quick "Getting Started" tips:<br /> </p>\r\n\r\n<ol style=\"padding-left:20px;padding-right:10px;text-align:justify\">\r\n<li>Click the Profile link to set your name, email, signature and password.<br /> </li>\r\n<li>Click the Settings link in the top menu to get to the Settings page. For additional information about each setting, click the [?] link.<br /> </li>\r\n<li>Add new categories (departments) on the Categories page. The default category cannot be deleted, but it can be renamed.<br /> </li>\r\n<li>Create new staff accounts on the Users page. You can give them unlimited (Administrator) or restricted (Staff) access.<br /> </li>\r\n<li>Use the integrated Knowledgebase. A comprehensive and well-written knowledgebase can drastically reduce the number of support tickets you receive and save a lot of your time in the long run.<br /> </li>\r\n<li>You can create response and new ticket templates on the Canned page.<br /> </li>\r\n<li>Subscribe to the <a href=\"http://www.hesk.com/newsletter.php\" target=\"_blank\">HESK Newsletter</a> to be notified of updates and new versions.<br /> </li>\r\n<li>You should follow HESK on Twitter <a href=\"https://twitter.com/HESKdotCOM\" target=\"_blank\">here</a>.<br /> </li>\r\n<li>To remove the "<span class=\"smaller\">Powered by Help Desk Software HESK</span>" links from the bottom of your help desk <a href=\"https://www.hesk.com/buy.php\" target=\"_blank\">buy a license here</a>.<br /> </li></ol>\r\n\r\n<p>Enjoy using HESK and please feel free to share your constructive feedback and feature suggestions.</p>\r\n\r\n<p>Klemen Stirn<br />\r\nHESK owner and author<br />\r\n<a href=\"http://www.hesk.com/\" target=\"_blank\">www.hesk.com</a>', NOW(), '0', 9999)"); // -> Notes hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"notes` (\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n `ticket` mediumint(8) unsigned NOT NULL,\n `who` smallint(5) unsigned NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n PRIMARY KEY (`id`),\n KEY `ticketid` (`ticket`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Online hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "online` (\n `user_id` smallint(5) unsigned NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n `tmp` int(11) unsigned NOT NULL DEFAULT '0',\n UNIQUE KEY `user_id` (`user_id`),\n KEY `dt` (`dt`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Pipe loops hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops` (\n `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n `hits` smallint(1) unsigned NOT NULL DEFAULT '0',\n `message_hash` char(32) COLLATE utf8_unicode_ci NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n KEY `email` (`email`,`hits`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Replies hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"replies` (\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n `replyto` mediumint(8) unsigned NOT NULL DEFAULT '0',\n `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `attachments` mediumtext COLLATE utf8_unicode_ci,\n `staffid` smallint(5) unsigned NOT NULL DEFAULT '0',\n `rating` enum('1','5') COLLATE utf8_unicode_ci DEFAULT NULL,\n `read` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`),\n KEY `replyto` (`replyto`),\n KEY `dt` (`dt`),\n KEY `staffid` (`staffid`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Reply drafts hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reply_drafts` (\n `owner` smallint(5) unsigned NOT NULL,\n `ticket` mediumint(8) unsigned NOT NULL,\n `message` mediumtext CHARACTER SET utf8 NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n KEY `owner` (`owner`),\n KEY `ticket` (`ticket`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Reset password hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` (\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n `user` smallint(5) unsigned NOT NULL,\n `hash` char(40) NOT NULL,\n `ip` varchar(45) NOT NULL,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n PRIMARY KEY (`id`),\n KEY `user` (`user`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8;\n"); // -> Service messages hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"service_messages` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `dt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `author` smallint(5) unsigned NOT NULL,\n `title` varchar(255) COLLATE utf8_unicode_ci NOT NULL,\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `style` enum('0','1','2','3','4') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `type` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `order` smallint(5) unsigned NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`),\n KEY `type` (`type`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;\n"); // -> Canned Responses hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "std_replies` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `title` varchar(100) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `reply_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Tickets hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"tickets` (\n `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,\n `trackid` varchar(13) COLLATE utf8_unicode_ci NOT NULL,\n `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `email` varchar(1000) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `category` smallint(5) unsigned NOT NULL DEFAULT '1',\n `priority` enum('0','1','2','3') COLLATE utf8_unicode_ci NOT NULL DEFAULT '3',\n `subject` varchar(70) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `dt` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',\n `lastchange` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n `firstreply` timestamp NULL DEFAULT NULL,\n `closedat` timestamp NULL DEFAULT NULL,\n `articles` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,\n `ip` varchar(45) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `language` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,\n `status` enum('0','1','2','3','4','5') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `openedby` smallint(5) unsigned DEFAULT '0',\n `firstreplyby` smallint(8) unsigned DEFAULT NULL,\n `closedby` smallint(5) unsigned DEFAULT NULL,\n `replies` smallint(5) unsigned NOT NULL DEFAULT '0',\n `staffreplies` smallint(5) unsigned NOT NULL DEFAULT '0',\n `owner` smallint(5) unsigned NOT NULL DEFAULT '0',\n `time_worked` time NOT NULL DEFAULT '00:00:00',\n `lastreplier` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `replierid` smallint(5) unsigned DEFAULT NULL,\n `archive` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `locked` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `attachments` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `merged` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `history` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom1` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom2` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom3` mediumtext COLLATE utf8_unicode_ci 
NOT NULL,\n `custom4` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom5` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom6` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom7` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom8` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom9` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom10` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom11` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom12` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom13` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom14` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom15` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom16` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom17` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom18` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom19` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `custom20` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n PRIMARY KEY (`id`),\n KEY `trackid` (`trackid`),\n KEY `archive` (`archive`),\n KEY `categories` (`category`),\n KEY `statuses` (`status`),\n KEY `owner` (`owner`),\n KEY `openedby` (`openedby`,`firstreplyby`,`closedby`),\n KEY `dt` (`dt`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Ticket templates hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `title` varchar(100) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `message` mediumtext COLLATE utf8_unicode_ci NOT NULL,\n `tpl_order` smallint(5) unsigned NOT NULL DEFAULT '0',\n PRIMARY KEY (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); // -> Users hesk_dbQuery("\nCREATE TABLE `" . hesk_dbEscape($hesk_settings['db_pfix']) . 
"users` (\n `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,\n `user` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `pass` char(40) COLLATE utf8_unicode_ci NOT NULL,\n `isadmin` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `email` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `signature` varchar(1000) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `language` varchar(50) COLLATE utf8_unicode_ci DEFAULT NULL,\n `categories` varchar(500) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `afterreply` enum('0','1','2') COLLATE utf8_unicode_ci NOT NULL DEFAULT '0',\n `autostart` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_customer_new` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_customer_reply` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `show_suggested` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_new_unassigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_new_my` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_reply_unassigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_reply_my` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_assigned` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_pm` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `notify_note` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `default_list` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',\n `autoassign` enum('0','1') COLLATE utf8_unicode_ci NOT NULL DEFAULT '1',\n `heskprivileges` varchar(1000) COLLATE utf8_unicode_ci DEFAULT NULL,\n `ratingneg` mediumint(8) unsigned NOT NULL DEFAULT '0',\n `ratingpos` mediumint(8) unsigned NOT NULL DEFAULT '0',\n `rating` float NOT NULL DEFAULT '0',\n `replies` mediumint(8) unsigned NOT NULL DEFAULT '0',\n 
PRIMARY KEY (`id`),\n KEY `autoassign` (`autoassign`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci\n"); hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` (`id`, `user`, `pass`, `isadmin`, `name`, `email`, `heskprivileges`) VALUES (1, '" . hesk_dbEscape($_SESSION['admin_user']) . "', '" . hesk_dbEscape($_SESSION['admin_hash']) . "', '1', 'Your name', '*****@*****.**', '')"); return true; }
<input name="submitbutton_tickets" type="submit" class="btn btn-default filter-ticket-btn" value="Search"/> <button name="clearbutton_tickets" onclick="deleteticket_admin();return false;" class="btn btn-default filter-ticket-btn" value="">Clear</button> </form> </div> <!--end div i filtrave --> <?php if (!isset($_SESSION['hide']['ticket_list'])) { echo '<br/><br/> <div class="container open-new-ticket"> <div class="form-inline col-sm-10"><img src="../img/open-tickets.png" alt="open-tickets" /><span id="openTicket">' . $hesklang['open_tickets'] . '</span></div> <span class="col-sm-2 newTicket"><a href="new_ticket.php"><button type="submit" class="btn btn-default new-ticket-btn">' . $hesklang['nti'] . '</button></a></span> </div> '; } /* Reset default settings? */ if (isset($_GET['reset']) && hesk_token_check()) { $res = hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `default_list`='' WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1"); $_SESSION['default_list'] = ''; } else { parse_str($_SESSION['default_list'], $defaults); $_GET = isset($_GET) && is_array($_GET) ? array_merge($_GET, $defaults) : $defaults; } /* Print the list of tickets */ require HESK_PATH . 'inc/print_tickets.inc.php'; /* Print forms for listing and searching tickets */ /*require(HESK_PATH . 'inc/show_search_form.inc.php');*/ } else { echo '<p><i>' . $hesklang['na_view_tickets'] . '</i></p>'; } /* Clean unneeded session variables */ hesk_cleanSessionVars('hide'); require_once HESK_PATH . 'inc/footer.inc.php';
/**
 * Print the "tickets by day" report table for the selected date range.
 *
 * Reads the globals $date_from / $date_to (range), $can_run_reports_full
 * (report covers every ticket, or only those owned by the current session
 * user) and $hesk_settings ('db_pfix', 'time_worked', 'dt_sql'). Writes HTML
 * straight to the output and returns nothing.
 *
 * SQL notes for reviewers:
 *  - the table prefix is passed through hesk_dbEscape() and the owner filter
 *    is reduced to an integer with intval() before it is concatenated;
 *  - $hesk_settings['dt_sql'] is spliced into both queries verbatim. It is
 *    built outside this function.
 *    NOTE(review): confirm the code that builds it only uses validated dates.
 *
 * Output notes: nothing echoed here is HTML-escaped. The cells hold counts
 * from COUNT(*), hesk_SecondsToHHMMSS() / hesk_dateToString() results and
 * $hesklang strings.
 */
function hesk_ticketsByDay()
{
    global $hesk_settings, $hesklang, $date_from, $date_to, $can_run_reports_full;

    // Both queries hit the same table with the same visibility filter:
    // full-report users see everything, everyone else only tickets they own.
    $tickets_table = hesk_dbEscape($hesk_settings['db_pfix']) . 'tickets';
    if ($can_run_reports_full) {
        $scope_sql = '1';
    } else {
        $scope_sql = "`owner` = '" . intval($_SESSION['id']) . "'";
    }

    $totals = array('all' => 0, 'resolved' => 0, 'worked' => 0);

    // Start every day of the range at zero so days without tickets still get a row
    $tickets = array();
    foreach (DateArray($date_from, $date_to) as $day) {
        $tickets[$day] = array('all' => 0, 'resolved' => 0, 'worked' => '');
    }

    // All tickets per day (plus summed time worked when that feature is on)
    $time_column = $hesk_settings['time_worked'] ? ", SUM( TIME_TO_SEC(`time_worked`) ) AS `seconds_worked`" : '';
    $result = hesk_dbQuery(
        "SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt`" . $time_column
        . " FROM `" . $tickets_table . "` WHERE " . $scope_sql
        . " AND {$hesk_settings['dt_sql']} GROUP BY `mydt`"
    );

    while ($rec = hesk_dbFetchAssoc($result)) {
        $date_key = $rec['mydt'];

        if ($hesk_settings['time_worked']) {
            $worked_label = hesk_SecondsToHHMMSS($rec['seconds_worked']);
        } else {
            // The column is not selected in this case; count it as zero seconds
            $rec['seconds_worked'] = 0;
            $worked_label = 0;
        }

        $tickets[$date_key]['all'] += $rec['cnt'];
        $tickets[$date_key]['worked'] = $worked_label;
        $totals['all'] += $rec['cnt'];
        $totals['worked'] += $rec['seconds_worked'];
    }

    // Resolved tickets per day: rows with `status`='3' feed the "resolved" counters
    $result = hesk_dbQuery(
        "SELECT DATE(`dt`) AS `mydt`, COUNT(*) AS `cnt` FROM `" . $tickets_table
        . "` WHERE " . $scope_sql
        . " AND `status`='3' AND {$hesk_settings['dt_sql']} GROUP BY `mydt`"
    );

    while ($rec = hesk_dbFetchAssoc($result)) {
        $tickets[$rec['mydt']]['resolved'] += $rec['cnt'];
        $totals['resolved'] += $rec['cnt'];
    }

    // Total seconds worked becomes HH:MM:SS for display
    if ($hesk_settings['time_worked']) {
        $totals['worked'] = hesk_SecondsToHHMMSS($totals['worked']);
    } else {
        $totals['worked'] = 0;
    }
    ?>
    <table width="100%" cellpadding="5" style="text-align:justify;border-collapse:collapse;padding:10px;">
    <tr style="border-bottom:1px solid #000000;">
        <td><?php echo $hesklang['date']; ?> </td>
        <td><?php echo $hesklang['atik']; ?> </td>
        <td><?php echo $hesklang['topen']; ?> </td>
        <td><?php echo $hesklang['closed']; ?> </td>
        <?php
        if ($hesk_settings['time_worked']) {
            echo '<td>' . $hesklang['ts'] . '</td>';
        }
        ?>
    </tr>
    <?php
    // Long reports repeat the totals row at the top as well as at the bottom
    if (count($tickets) > 10) {
        ?>
        <tr style="border-bottom:1px solid #000000;">
            <td><b><?php echo $hesklang['totals']; ?> </b></td>
            <td><b><?php echo $totals['all']; ?> </b></td>
            <td><b><?php echo $totals['all'] - $totals['resolved']; ?> </b></td>
            <td><b><?php echo $totals['resolved']; ?> </b></td>
            <?php
            if ($hesk_settings['time_worked']) {
                echo '<td><b>' . $totals['worked'] . '</b></td>';
            }
            ?>
        </tr>
        <?php
    }

    // Alternate the row background, starting with the shaded style
    $row_style = '';
    foreach ($tickets as $date_key => $counts) {
        if ($row_style) {
            $row_style = '';
        } else {
            $row_style = 'style="background:#EEEEE8;"';
        }
        ?>
        <tr <?php echo $row_style; ?> >
            <td><?php echo hesk_dateToString($date_key); ?> </td>
            <td><?php echo $counts['all']; ?> </td>
            <td><?php echo $counts['all'] - $counts['resolved']; ?> </td>
            <td><?php echo $counts['resolved']; ?> </td>
            <?php
            if ($hesk_settings['time_worked']) {
                echo '<td>' . $counts['worked'] . '</td>';
            }
            ?>
        </tr>
        <?php
    }
    ?>
    <tr style="border-top:1px solid #000000;">
        <td><b><?php echo $hesklang['totals']; ?> </b></td>
        <td><b><?php echo $totals['all']; ?> </b></td>
        <td><b><?php echo $totals['all'] - $totals['resolved']; ?> </b></td>
        <td><b><?php echo $totals['resolved']; ?> </b></td>
        <?php
        if ($hesk_settings['time_worked']) {
            echo '<td><b>' . $totals['worked'] . '</b></td>';
        }
        ?>
    </tr>
    </table>
    <p> </p>
    <?php
}
<table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top"> <form name="showt" action="show_tickets.php" method="get"> <table class="table" style="border-top: 0 !important" border="0" cellpadding="3" cellspacing="0" width="100%"> <tr> <td style="border-top: 0px" width="20%" class="alignTop"><b><?php echo $hesklang['status']; ?> </b>: </td> <td style="border-top: 0px" width="80%"> <table border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <?php $rowCounter = 1; $statusRS = hesk_dbQuery('SELECT `ID`, `Key`, `TextColor` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'statuses`'); while ($row = $statusRS->fetch_assoc()) { if ($rowCounter > 3) { echo '</tr><tr>'; $rowCounter = 1; } echo '<td width='; if ($rowCounter != 3) { echo '"33%"'; } else { echo '"34%"'; } echo '<label><input type="checkbox" name="s' . $row['ID'] . '" value="1"'; if (isset($status[$row['ID']])) { echo 'checked="checked"'; }
$category_options = ''; $my_cat = array(); $res2 = hesk_dbQuery("SELECT `id`, `name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE " . hesk_myCategories('id') . " ORDER BY `cat_order` ASC"); while ($row = hesk_dbFetchAssoc($res2)) { $my_cat[$row['id']] = hesk_msgToPlain($row['name'], 1); $row['name'] = strlen($row['name']) > 50 ? substr($row['name'], 0, 50) . '...' : $row['name']; $cat_selected = $row['id'] == $category ? 'selected="selected"' : ''; $category_options .= '<option value="' . $row['id'] . '" ' . $cat_selected . '>' . $row['name'] . '</option>'; } // Generate export file if (isset($_GET['w'])) { // We'll need HH:MM:SS format for hesk_date() here $hesk_settings['timeformat'] = 'H:i:s'; // Get staff names $admins = array(); $result = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` ORDER BY `id` ASC"); while ($row = hesk_dbFetchAssoc($result)) { $admins[$row['id']] = $row['name']; } // This will be the export directory $export_dir = HESK_PATH . $hesk_settings['attach_dir'] . '/export/'; // This will be the name of the export and the XML file $export_name = 'hesk_export_' . date('Y-m-d_H-i-s') . '_' . mt_rand(10000, 99999); $save_to = $export_dir . $export_name . '.xml'; // Do we have the export directory? if (is_dir($export_dir) || @mkdir($export_dir, 0777) && is_writable($export_dir)) { // Cleanup old files $files = glob($export_dir . '*', GLOB_NOSORT); if (is_array($files) && count($files)) { foreach ($files as $file) { hesk_unlink($file, 86400);
foreach ($hesk_settings['custom_fields'] as $k => $v) { if ($v['use'] && isset($_POST[$k])) { if (is_array($_POST[$k])) { $tmpvar[$k] = ''; foreach ($_POST[$k] as $myCB) { $tmpvar[$k] .= (is_array($myCB) ? '' : hesk_input($myCB)) . '<br />'; } $tmpvar[$k] = substr($tmpvar[$k], 0, -6); } else { $tmpvar[$k] = hesk_makeURL(nl2br(hesk_input($_POST[$k]))); } } else { $tmpvar[$k] = ''; } } hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` SET\n\t\t`name`='" . hesk_dbEscape($tmpvar['name']) . "',\n\t\t`email`='" . hesk_dbEscape($tmpvar['email']) . "',\n\t\t`subject`='" . hesk_dbEscape($tmpvar['subject']) . "',\n\t\t`message`='" . hesk_dbEscape($tmpvar['message']) . "',\n\t\t`custom1`='" . hesk_dbEscape($tmpvar['custom1']) . "',\n\t\t`custom2`='" . hesk_dbEscape($tmpvar['custom2']) . "',\n\t\t`custom3`='" . hesk_dbEscape($tmpvar['custom3']) . "',\n\t\t`custom4`='" . hesk_dbEscape($tmpvar['custom4']) . "',\n\t\t`custom5`='" . hesk_dbEscape($tmpvar['custom5']) . "',\n\t\t`custom6`='" . hesk_dbEscape($tmpvar['custom6']) . "',\n\t\t`custom7`='" . hesk_dbEscape($tmpvar['custom7']) . "',\n\t\t`custom8`='" . hesk_dbEscape($tmpvar['custom8']) . "',\n\t\t`custom9`='" . hesk_dbEscape($tmpvar['custom9']) . "',\n\t\t`custom10`='" . hesk_dbEscape($tmpvar['custom10']) . "',\n\t\t`custom11`='" . hesk_dbEscape($tmpvar['custom11']) . "',\n\t\t`custom12`='" . hesk_dbEscape($tmpvar['custom12']) . "',\n\t\t`custom13`='" . hesk_dbEscape($tmpvar['custom13']) . "',\n\t\t`custom14`='" . hesk_dbEscape($tmpvar['custom14']) . "',\n\t\t`custom15`='" . hesk_dbEscape($tmpvar['custom15']) . "',\n\t\t`custom16`='" . hesk_dbEscape($tmpvar['custom16']) . "',\n\t\t`custom17`='" . hesk_dbEscape($tmpvar['custom17']) . "',\n\t\t`custom18`='" . hesk_dbEscape($tmpvar['custom18']) . "',\n\t\t`custom19`='" . hesk_dbEscape($tmpvar['custom19']) . "',\n\t\t`custom20`='" . hesk_dbEscape($tmpvar['custom20']) . "'\n\t\tWHERE `id`='" . intval($ticket['id']) . 
"' LIMIT 1"); } unset($tmpvar); hesk_cleanSessionVars('tmpvar'); hesk_process_messages($hesklang['edt2'], 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999), 'SUCCESS'); } $ticket['message'] = hesk_msgToPlain($ticket['message'], 0, 0); /* Print header */ require_once HESK_PATH . 'inc/header.inc.php'; /* Print admin navigation */ require_once HESK_PATH . 'inc/show_admin_nav.inc.php'; ?> <!-- </td> </tr>-->
// Verify the hash exists $res = hesk_dbQuery("SELECT `user`, `ip` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` WHERE `hash` = '{$hash}' LIMIT 1"); if (hesk_dbNumRows($res) != 1) { // Not a valid hash hesk_limitBfAttempts(); hesk_process_messages($hesklang['ehash'], 'NOREDIRECT'); } else { // Get info from database $row = hesk_dbFetchAssoc($res); // Only allow resetting password from the same IP address that submitted password reset request if ($row['ip'] != $_SERVER['REMOTE_ADDR']) { hesk_limitBfAttempts(); hesk_process_messages($hesklang['ehaip'], 'NOREDIRECT'); } else { // Expire all verification hashes for this user hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "reset_password` WHERE `user`=" . intval($row['user'])); // Load additional required functions require HESK_PATH . 'inc/admin_functions.inc.php'; // Get user details $res = hesk_dbQuery('SELECT * FROM `' . $hesk_settings['db_pfix'] . "users` WHERE `id`=" . intval($row['user']) . " LIMIT 1"); $row = hesk_dbFetchAssoc($res); foreach ($row as $k => $v) { $_SESSION[$k] = $v; } // Set a tag that will be used to expire sessions after username or password change $_SESSION['session_verify'] = hesk_activeSessionCreateTag($_SESSION['user'], $_SESSION['pass']); // We don't need the password hash anymore unset($_SESSION['pass']); // Clean brute force attempts hesk_cleanBfAttempts(); // Regenerate session ID (security)
function hesk_profile_tab($session_array = 'userdata', $is_profile_page = true, $action = "") { global $hesk_settings, $hesklang, $can_reply_tickets, $can_view_tickets, $can_view_unassigned, $default_userdata; ?> <!-- TABS --> <div class="container tab-content profile-functions-tab"> <?php if (!$is_profile_page) { ?> <div class="permissions"> <div class="form-inline"> <label class="col-sm-2 control-label"><?php echo $hesklang['atype']; ?> :</label> <div class="form-group"> <?php /* Only administrators can create new administrator accounts */ if ($_SESSION['isadmin']) { if (!isset($_SESSION['userdata']['checked'])) { $_SESSION['userdata']['checked'] = ""; } if ($_SESSION['userdata']['checked'] == 'admin') { ?> <label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" checked /> <b><?php echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can']; ?> </label><br /> <label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" /> <b><?php echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can']; ?> </label><br/> <label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" /> <?php echo $hesklang['aclient']; ?> </label> <?php } elseif ($_SESSION['userdata']['checked'] == 'staff') { ?> <label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" /> <b><?php echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can']; ?> </label><br /> <label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" checked /> <b><?php echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can']; ?> </label><br/> <label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" /> <?php echo $hesklang['aclient']; ?> </label> <?php } elseif ($_SESSION['userdata']['checked'] == 'client') { ?> <label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" /> <b><?php echo $hesklang['administrator'] . 
'</b> ' . $hesklang['admin_can']; ?> </label><br /> <label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" /> <b><?php echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can']; ?> </label><br/> <label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" checked /> <?php echo $hesklang['aclient']; ?> </label> <?php } else { ?> <label><input class="te-drejtat" id="administratori" type="radio" name="isadmin" value="1" <?php if (isset($_GET['a']) && $_GET['a'] == "edit") { echo "checked"; } ?> /> <b><?php echo $hesklang['administrator'] . '</b> ' . $hesklang['admin_can']; ?> </label><br /> <label><input class="te-drejtat" id="stafi" type="radio" name="isadmin" value="0" <?php if (isset($_GET['a']) && $_GET['a'] == "editb") { echo "checked"; } ?> /> <b><?php echo $hesklang['astaff'] . '</b> ' . $hesklang['staff_can']; ?> </label><br/> <label><input class="te-drejtat" id="klient" type="radio" name="isclient" value="1" <?php if (isset($_GET['a']) && $_GET['a'] == "editc") { echo "checked"; } ?> /> <?php echo $hesklang['aclient']; ?> </label> <?php } } else { echo '<b>' . $hesklang['astaff'] . '</b> ' . 
$hesklang['staff_can']; } ?> </div> </div> </div><!-- end permissions --> <?php } ?> <ul id="tabs" class="nav nav-tabs profile-functions" data-tabs="tabs"> <li class="active" id="profile-info"><a href="#p-info" aria-controls="p-info" role="tab" data-toggle="tab"><?php echo $hesklang['pinfo']; ?> </a></li> <?php if (!$is_profile_page) { ?> <!--<li id="permissions-info"><a href="#permissions" aria-controls="permissions" role="tab" data-toggle="tab"><?php //echo $hesklang['permissions']; ?> </a></li>--> <?php } ?> <li id="signature-info"><a href="#signature" aria-controls="signature" role="tab" data-toggle="tab"><?php echo $hesklang['sig']; ?> </a></li> <li class="<?php if (!isset($_GET['a'])) { echo "hidden"; } ?> " id="project_users-info"><a href="#project_users" aria-controls="project_users" role="tab" data-toggle="tab"><?php echo $hesklang['project']; ?> </a></li> <li class="<?php if (!isset($_GET['a']) || $_GET['a'] == "editc") { echo "hidden"; } ?> " id="preferences-info"><a href="#preferences" aria-controls="preferences" role="tab" data-toggle="tab"><?php echo $hesklang['pref']; ?> </a></li> <li class="<?php if (!isset($_GET['a']) || $_GET['a'] == "editc") { echo "hidden"; } ?> " id="notifications-info"><a href="#notifications" aria-controls="notifications" role="tab" data-toggle="tab"><?php echo $hesklang['notn']; ?> </a></li> </ul> <!-- PROFILE INFO --> <div role="tabpanel" class="tab-pane active" id="p-info"> <br /> <div class="profile-information"> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="profile-information-name"><?php echo $hesklang['real_name']; ?> : <font class="important">*</font></label> <input class="form-control" required="required" title="Required field" type="text" id="profile-information-name" name="name" size="40" maxlength="50" value="<?php if (isset($_SESSION[$session_array]['name'])) { echo $_SESSION[$session_array]['name']; } ?> "/> </div> <div class="form-inline" 
id="profile-information-row"> <label class="col-sm-2 control-label" for="profile-information-email"><?php echo $hesklang['email']; ?> : <font class="important">*</font></label> <input class="form-control" required="required" title="Required field" type="email" id="profile-information-email" name="email" size="40" maxlength="255" value="<?php if (isset($_SESSION[$session_array]['email'])) { echo $_SESSION[$session_array]['email']; } ?> "/> </div> <?php if (!$is_profile_page || $_SESSION['isadmin']) { ?> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label control-label" for="profile-information-username"><?php echo $hesklang['username']; ?> : <font class="important">*</font></label> <input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php if (isset($_SESSION[$session_array]['user'])) { echo $_SESSION[$session_array]['user']; } ?> " /> </div> <?php } else { ?> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label control-label" for="profile-information-username"><?php echo $hesklang['username']; ?> : <font class="important">*</font></label> <input class="form-control" required="required" title="Required field" type="text" id="profile-information-username" name="user" size="40" maxlength="20" value="<?php if (isset($_SESSION[$session_array]['user'])) { echo $_SESSION[$session_array]['user']; } ?> " readonly> </div> <?php } ?> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="profile-information-address"><?php echo 'Address'; ?> :</label> <input class="form-control" type="text" id="profile-information-adress" name="address" size="40" maxlength="255" value="<?php if (isset($_SESSION[$session_array]['address'])) { echo $_SESSION[$session_array]['address']; } ?> "/> </div> <div class="form-inline" id="profile-information-row"> <label 
class="col-sm-2 control-label" for="profile-information-phonenumber"><?php echo 'Phone Number'; ?> :</label> <input class="form-control" type="number" min="0" id="profile-information-phonenumber" name="phonenumber" size="40" maxlength="255" value="<?php if (isset($_SESSION[$session_array]['phonenumber'])) { echo $_SESSION[$session_array]['phonenumber']; } ?> "/> </div> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="profile-information-poz_detyres"><?php echo 'Pozicioni Detyres'; ?> </label> <input class="form-control" type="text" id="profile-information-poz_detyres" name="poz_detyres" size="40" maxlength="255" value="<?php if (isset($_SESSION[$session_array]['poz_detyres'])) { echo $_SESSION[$session_array]['poz_detyres']; } ?> "/> </div> <!--shtohim fushen "Active" kur celim nje departament --> <div class="clearfix"></div> <div class="form-inline project-row1" id="profile-information-row"> <label class="col-sm-2 control-label"><?php echo $hesklang['def_act']; ?> : <font class="important">*</font></label> <input class="form-control" type="checkbox" name="prof_active" value="1" <?php if (isset($_SESSION[$session_array]['active']) && $_SESSION[$session_array]['active'] == "1") { echo "checked"; } ?> /> </div> <?php if (!isset($_GET['a'])) { ?> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="newpass"><?php echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass']; ?> :</label> <input class="form-control" type="password" required="required" title="Required field" id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 
'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" /> </div> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="newpass2"><?php echo $hesklang['confirm_pass']; ?> :</label> <input class="form-control" required="required" title="Required field" type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Please enter the same Password as above' : '');" autocomplete="off" size="40" /> </div> <?php } else { ?> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="profile-information-newpass"><?php echo $is_profile_page ? $hesklang['new_pass'] : $hesklang['pass']; ?> :</label> <input class="form-control" type="password" id="newpass" name="newpass" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 'Must have at least 6 characters' : ''); if(this.checkValidity()) form.newpass2.pattern = this.value;" autocomplete="off" size="40" onkeyup="javascript:hesk_checkPassword(this.value)" /> </div> <div class="form-inline" id="profile-information-row"> <label class="col-sm-2 control-label" for="profile-information-confirmpass"><?php echo $hesklang['confirm_pass']; ?> :</label> <input class="form-control" type="password" id="newpass2" name="newpass2" pattern="^\S{6,}$" onchange="this.setCustomValidity(this.validity.patternMismatch ? 
'Please enter the same Password as above' : '');" autocomplete="off" size="40" /> </div> <?php } ?> <div class="form-inline" id="profile-information-pwdst-row"> <label class="col-sm-2 control-label"><?php echo $hesklang['pwdst']; ?> :</label> <label style="vertical-align: top;"> <div class="form-control" style="width: 336px;"> <div id="progressBar" style="font-size: 1px; height: 20px; width: 0px; border: 1px solid white;"></div> </div> </label> </div> <div class="form-inline <?php if (!isset($_GET['a']) || $_GET['a'] !== "editc") { echo "hidden"; } ?> " id="show-hide-kompani"> <label class="col-sm-2 control-label" for=""><?php echo $hesklang['company']; ?> :<font class="important">*</font></label> <select class="form-control" id="select_company_manage_users" name="company_id" style="width: 336px;"> <option></option> <?php $res_comp = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'companies` '); while ($row_comp = mysqli_fetch_array($res_comp)) { if ($row_comp['active'] == 1) { $temp_data = array(); $data_contract = hesk_dbQuery('SELECT id FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` WHERE active=1 AND company_id =' . $row_comp['id']); while ($row_contract = mysqli_fetch_array($data_contract)) { $temp_data[] = $row_contract['id']; } if (isset($_SESSION[$session_array]['company_id']) && $_SESSION[$session_array]['company_id'] == $row_comp['id']) { echo '<option value="' . $row_comp['id'] . '" contracts = "' . implode($temp_data, ",") . '" selected="selected">' . $row_comp['company_name'] . '</option>'; } else { echo '<option value="' . $row_comp['id'] . '" contracts = "' . implode($temp_data, ",") . '" >' . $row_comp['company_name'] . '</option>'; } } else { if (isset($_SESSION[$session_array]['company_id']) && $_SESSION[$session_array]['company_id'] == $row_comp['id']) { echo '<option selected="selected" disabled>' . $row_comp['company_name'] . 
'</option>'; } } } ?> </select> </div> <br/> <div class="form-inline <?php if (!isset($_GET['a']) || $_GET['a'] !== "editc") { echo "hidden"; } ?> " id="show-hide-kontrata"> <label class="col-sm-2 control-label" for="select-kontrata"><?php echo $hesklang['contract']; ?> :<font class="important">*</font></label> <select class="multiple form-control" multiple="multiple" id="select-kontrata" name="contract_id[]" style="width: 336px;"> <option></option> <?php $res_contract = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` '); $temp = array(); if (isset($_GET["id"])) { $res_contract_client = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contractforclient` WHERE client_Id=' . hesk_dbEscape($_GET["id"])); while ($row_contract_data = mysqli_fetch_array($res_contract_client)) { $temp[] = $row_contract_data['contract_Id']; } } while ($row_contract = mysqli_fetch_array($res_contract)) { if ($row_contract['active'] == 1) { if (isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp)) { echo '<option value="' . $row_contract['id'] . '" selected="selected">' . $row_contract['contract_name'] . '</option>'; } else { echo '<option value="' . $row_contract['id'] . '" >' . $row_contract['contract_name'] . '</option>'; } } else { if (isset($_SESSION[$session_array]['contract_id']) && in_array($row_contract['id'], $temp)) { echo '<option selected="selected" disabled>' . $row_contract['contract_name'] . '</option>'; } } } ?> </select> </div> <div id="options" class="<?php if (!isset($_GET['a']) || $_GET['a'] !== "editb") { echo "hidden"; } ?> "> <div class="permissions-category-features"> <!--<div class="form-inline"> <label class="col-sm-2 control-label"><?php //echo $hesklang['allowed_cat']; ?> : <font class="important">*</font></label> <label>--> <?php /*foreach ($hesk_settings['categories'] as $catid => $catname) { echo '<label><input type="checkbox" name="categories[]" value="' . 
$catid . '" '; if ( in_array($catid,$_SESSION[$session_array]['categories']) ) { echo ' checked="checked" '; } echo ' />' . $catname . '</label>'; }*/ ?> <!--</label> </div>--> <div class="form-inline" id="permissions-features"> <label class="col-sm-2 control-label"><?php echo $hesklang['allow_feat']; ?> : <font class="important">*</font></label> <div class="form-group" style="vertical-align: top;"> <?php foreach ($hesk_settings['features'] as $k) { echo '<label><input type="checkbox" name="features[]" value="' . $k . '" '; if (in_array($k, $_SESSION[$session_array]['features'])) { echo ' checked="checked" '; } echo ' />' . $hesklang[$k] . '</label><br /> '; } ?> </div> </div> </div><!-- end permissions-category-features --> </div> <?php if (!$is_profile_page && $hesk_settings['autoassign']) { ?> <div class="form-inline hidden" id="show-hide-optionsClient"> <label class="col-sm-6 control-label"><input type="checkbox" name="autoassign" value="Y" <?php if (isset($_SESSION[$session_array]['autoassign']) && !empty($_SESSION[$session_array]['autoassign'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['user_aa']; ?> </label> </div> <?php } ?> </div><!-- end profile-information --> </div> <!-- PROFILE INFO --> <!-- SIGNATURE --> <div role="tabpanel" class="tab-pane" id="signature"> <div class="form-inline signature-profile-func"> <label class="control-label col-sm-3"><?php echo $hesklang['signature_max']; ?> :</label> <div class="form-group"> <textarea class="form-control" name="signature" rows="10" cols="60"><?php echo $_SESSION[$session_array]['signature']; ?> </textarea><br /> <?php echo $hesklang['sign_extra']; ?> </div> </div><!-- end signature-profile-func --> </div> <!-- SIGNATURE --> <?php if (!$is_profile_page) { ?> <!-- Projets for Users --> <div role="tabpanel" class="tab-pane" id="project_users"> <div class="project_contract_table"> <table class="table table-bordered"> <tr> <th class="admin_white" style="text-align:left"><b><i><?php echo 
$hesklang['id']; ?> </i></b></th> <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['name']; ?> </i></b></th> <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['contract']; ?> </i></b></th> <th class="admin_white" style="text-align:left"><b><i><?php echo $hesklang['project']; ?> </i></b></th> </tr> <?php if (isset($_GET['a']) && $_GET['a'] == "edit") { $t1 = "users"; $t2 = "userforcontract"; $t3 = "userId"; $t4 = "contractId"; } else { $t1 = "clients"; $t2 = "contractforclient"; $t3 = "client_Id"; $t4 = "contract_Id"; } $result = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . $t1 . '` WHERE id=' . intval(hesk_GET('id')) . ' ORDER BY `id` '); $i = 1; while ($row = mysqli_fetch_array($result)) { $staff = hesk_dbQuery('SELECT ' . $t3 . ',' . $t4 . ' FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . $t2 . '` WHERE ' . $t3 . '=' . $row['id']); $staff_string = ""; $project_string = ""; while ($row1 = mysqli_fetch_array($staff)) { $contract_staff = hesk_dbQuery('SELECT contract_name, project_id FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'contracts` WHERE `id` ="' . $row1[$t4] . '"'); $contract = mysqli_fetch_array($contract_staff); $staff_string .= $contract['contract_name'] . "<br/>"; $project_id = isset($contract['project_id']) ? $contract['project_id'] : ""; if (!empty($project_id)) { $project_staff = hesk_dbQuery('SELECT project_name FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'projects` WHERE `id` ="' . $project_id . '"'); $project = mysqli_fetch_array($project_staff); $project_string .= $project['project_name'] . "<br/>"; } } echo '<tr> <td class="$color">' . $row['id'] . '</td> <td class="$color">' . $row['name'] . '</td> <td class="$color">' . $staff_string . '</td> <td class="$color">' . $project_string . 
'</td> </tr>'; } ?> </table> </div> </div> <?php } ?> <!-- End Projets for Users --> <?php if (!$is_profile_page || $can_reply_tickets) { ?> <!-- PREFERENCES --> <div role="tabpanel" class="tab-pane" id="preferences"> <div class="form-group preferences-profile-func"> <div class="form-inline"> <label class="col-sm-3 control-label"><?php echo $hesklang['aftrep']; ?> :</label> <div class="form-group" style="vertical-align: top;"> <label><input type="radio" name="afterreply" value="0" <?php if (!$_SESSION[$session_array]['afterreply']) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['showtic']; ?> </label><br /> <label><input type="radio" name="afterreply" value="1" <?php if ($_SESSION[$session_array]['afterreply'] == 1) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['gomain']; ?> </label><br /> <label><input type="radio" name="afterreply" value="2" <?php if ($_SESSION[$session_array]['afterreply'] == 2) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['shownext']; ?> </label><br /> </div> </div> <div class="form-inline preferences-profile-defaults"> <label class="col-sm-3 control-label"><?php echo $hesklang['defaults']; ?> :</label> <div class="form-group" style="vertical-align: top;"> <?php if ($hesk_settings['time_worked']) { ?> <label><input type="checkbox" name="autostart" value="1" <?php if (!empty($_SESSION[$session_array]['autostart'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['autoss']; ?> </label><br /> <?php } ?> <label><input type="checkbox" name="notify_customer_new" value="1" <?php if (!empty($_SESSION[$session_array]['notify_customer_new'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['pncn']; ?> </label><br /> <label><input type="checkbox" name="notify_customer_reply" value="1" <?php if (!empty($_SESSION[$session_array]['notify_customer_reply'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['pncr']; ?> </label><br /> <label><input type="checkbox" name="show_suggested" value="1" <?php if 
(!empty($_SESSION[$session_array]['show_suggested'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['pssy']; ?> </label><br /> </div> </div> </div><!-- end preferences-profile-func --> </div> <!-- PREFERENCES --> <?php } ?> <!-- NOTIFICATIONS --> <div role="tabpanel" class="tab-pane" id="notifications"> <div class="notif-mw"><?php echo $hesklang['nomw']; ?> </div> <div class="notifications-profile-func"> <div class="form-inline"> <div> <?php if (!$is_profile_page || $can_view_tickets) { if (!$is_profile_page || $can_view_unassigned) { ?> <label><input type="checkbox" name="notify_new_unassigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_new_unassigned'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['nwts']; ?> <?php echo $hesklang['unas']; ?> </label><br /> <?php } ?> <label><input type="checkbox" name="notify_new_my" value="1" <?php if (!empty($_SESSION[$session_array]['notify_new_my'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['nwts']; ?> <?php echo $hesklang['s_my']; ?> </label><br /> <?php if (!$is_profile_page || $can_view_unassigned) { ?> <label><input type="checkbox" name="notify_reply_unassigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_reply_unassigned'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['ncrt']; ?> <?php echo $hesklang['unas']; ?> </label><br /> <?php } ?> <label><input type="checkbox" name="notify_reply_my" value="1" <?php if (!empty($_SESSION[$session_array]['notify_reply_my'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['ncrt']; ?> <?php echo $hesklang['s_my']; ?> </label><br /> <label><input type="checkbox" name="notify_assigned" value="1" <?php if (!empty($_SESSION[$session_array]['notify_assigned'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['ntam']; ?> </label><br /> <label><input type="checkbox" name="notify_note" value="1" <?php if (!empty($_SESSION[$session_array]['notify_note'])) { echo 'checked="checked"'; } ?> 
/> <?php echo $hesklang['ntnote']; ?> </label><br /> <?php } ?> <label><input type="checkbox" name="notify_pm" value="1" <?php if (!empty($_SESSION[$session_array]['notify_pm'])) { echo 'checked="checked"'; } ?> /> <?php echo $hesklang['npms']; ?> </label><br /> </div> </div> </div><!-- end notifications-profile-func --> </div> <!-- NOTIFICATIONS --> </div> <!-- TABS --> <script language="Javascript" type="text/javascript"><!-- hesk_checkPassword(document.form1.newpass.value); //--> </script> <?php if (isset($_SESSION[$session_array])) { unset($_SESSION[$session_array]); } }
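// Values interpolated into the SQL below are cast at the point of use, so the
// statements stay safe even if the validation earlier in the script (outside
// this excerpt) is changed or removed.
$replyIdSql = intval($reply_id);
// NOTE(review): assumes ratings are whole numbers; only the value 5 is treated
// specially further down - confirm against the code that reads the request.
$ratingSql = intval($rating);

// Get the reply that is being rated
$result = hesk_dbQuery("SELECT `replyto`,`rating`,`staffid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `id`='" . $replyIdSql . "' LIMIT 1");
$reply = hesk_dbFetchAssoc($result);

// -> Reply found? Answer with the same message as for a ticket mismatch so the
//    response does not reveal which reply IDs exist.
if (empty($reply)) {
    die($hesklang['attempt']);
}

// Does the ticket ID match the one in the request?
// `replyto` comes from the database but is still cast before being reused in SQL.
$result = hesk_dbQuery("SELECT `trackid` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "tickets` WHERE `id`='" . intval($reply['replyto']) . "' LIMIT 1");

// -> Ticket found?
if (hesk_dbNumRows($result) != 1) {
    die($hesklang['attempt']);
}

// -> Does the tracking ID match?
// The tracking ID is what authorises this request, so it is compared as a
// string with a strict operator; a loose comparison treats numeric-looking
// strings as numbers.
$ticket = hesk_dbFetchAssoc($result);
if ((string) $ticket['trackid'] !== (string) $trackingID) {
    die($hesklang['attempt']);
}

// OK, tracking ID matches. Now check if this reply has already been rated
if (!empty($reply['rating'])) {
    die($hesklang['ar']);
}

// Update reply rating
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` SET `rating`='" . $ratingSql . "' WHERE `id`='" . $replyIdSql . "' LIMIT 1");

// Also update staff rating: running average plus the positive/negative counter.
// The rating is used unquoted inside the arithmetic, which is why it must be an integer.
$counterSql = ($ratingSql === 5) ? '`ratingpos`=`ratingpos`+1 ' : '`ratingneg`=`ratingneg`+1 ';
hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET `rating`=((`rating`*(`ratingpos`+`ratingneg`))+" . $ratingSql . ")/(`ratingpos`+`ratingneg`+1), " . $counterSql . "WHERE `id`='" . intval($reply['staffid']) . "'");

// The plain-text answer must not be cached
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Content-type: text/plain; charset=utf-8');

if ($ratingSql === 5) {
    echo $hesklang['rh'];
} else {
    echo $hesklang['rnh'];
}
exit;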
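/**
 * Set the manager of a category and make sure that user can access the category.
 *
 * Reads `catid` and `managerid` from POST. Both are cast to integers once, up
 * front, and only the integers are used afterwards. The raw `catid` value used
 * to be concatenated into a quoted SQL literal in the second UPDATE, which
 * made that statement injectable.
 *
 * Ends by calling hesk_process_messages(); returns early, without a message,
 * when the new manager id is 0.
 */
function change_manager()
{
    global $hesklang, $hesk_settings;

    // NOTE(review): no hesk_token_check() call is visible in this handler.
    // Confirm that the caller verifies the anti-CSRF token before dispatching here.

    $catid = intval(hesk_POST('catid'));
    $newManagerId = intval(hesk_POST('managerid'));

    hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'categories` SET `manager` = ' . $newManagerId . ' WHERE `id` = ' . $catid);
    if (hesk_dbAffectedRows() != 1) {
        hesk_process_messages($hesklang['int_error'] . ': ' . $hesklang['cat_not_found'], './manage_categories.php');
    }

    if ($newManagerId === 0) {
        // There is no new manager.
        return;
    }

    // Add the category to the user's categories list, if not already present
    $currentCatRs = hesk_dbQuery('SELECT `categories` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` WHERE `id` = ' . $newManagerId);
    $currentCategories = hesk_dbFetchAssoc($currentCatRs);

    // A missing row or an empty column is treated as "no categories yet"
    $stored = isset($currentCategories['categories']) ? (string) $currentCategories['categories'] : '';
    $assignedIds = ($stored === '') ? array() : array_map('intval', explode(',', $stored));

    if (!in_array($catid, $assignedIds, true)) {
        // Avoid a leading comma when the list was empty
        $newList = ($stored === '') ? (string) $catid : $stored . ',' . $catid;

        // The stored list is written back into a quoted literal, so it is escaped as well
        hesk_dbQuery('UPDATE `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` SET `categories` = \'' . hesk_dbEscape($newList) . '\' WHERE `id` = ' . $newManagerId);
    }

    hesk_process_messages($hesklang['manager_updated'], './manage_categories.php', 'SUCCESS');
}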
/**
 * Build the SQL condition meant to limit a query to the current user's companies.
 *
 * @param string $what Column name; it is passed through hesk_dbEscape() and
 *                     wrapped in backticks. Pass fixed column names only.
 * @return string '1' for administrators, otherwise the back-quoted column name.
 */
function hesk_myCompanies($what = 'company_ticket_id')
{
    // Administrators are not restricted: '1' is an always-true condition
    if (!empty($_SESSION['isadmin'])) {
        return '1';
    }

    // NOTE(review): the `IN (...)` restriction built from $_SESSION['companies']
    // was commented out here (original note, translated: "commented out to
    // remove the errors when logging in as staff"). What is returned now is only
    // the column name, and a bare column in a WHERE clause is true for every row
    // whose value is non-zero, so non-admin staff are not limited to their own
    // companies. Restore the filter once the session reliably carries the list.
    $column = hesk_dbEscape($what);

    return " `" . $column . "`";
}
} $ticket = hesk_dbFetchAssoc($res); // Demo mode if (defined('HESK_DEMO')) { $ticket['email'] = '*****@*****.**'; $ticket['ip'] = '127.0.0.1'; } /* Get category name and ID */ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='{$ticket['category']}' LIMIT 1"); /* If this category has been deleted use the default category with ID 1 */ if (hesk_dbNumRows($res) != 1) { $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` WHERE `id`='1' LIMIT 1"); } $category = hesk_dbFetchAssoc($res); /* Get replies */ $res = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "replies` WHERE `replyto`='{$ticket['id']}' ORDER BY `id` ASC"); $replies = hesk_dbNumRows($res); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title><?php echo $hesk_settings['hesk_title']; ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $hesklang['ENCODING']; ?> "> <style type="text/css"> body, table, td, p
/**
 * Delete rows from the `online` table whose `dt` is older than the configured
 * number of minutes ($hesk_settings['online_min']).
 *
 * @return bool Always true.
 */
function hesk_cleanOnline()
{
    global $hesk_settings, $hesklang, $hesk_db_link;

    $tablePrefix = hesk_dbEscape($hesk_settings['db_pfix']);

    // The interval is cast to an integer because it is placed unquoted into the SQL
    $maxAgeMinutes = intval($hesk_settings['online_min']);

    /* Delete old rows from the database */
    hesk_dbQuery("DELETE FROM `" . $tablePrefix . "online` WHERE `dt` < ( NOW() - INTERVAL " . $maxAgeMinutes . " MINUTE) ");

    return true;
}
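/**
 * Create a new service message from the submitted form.
 *
 * Reads `style`, `type`, `title`, `message` and the optional `sm_preview`
 * flag from POST. On validation errors the input is kept in
 * $_SESSION['new_sm'] and hesk_process_messages() is called with the error
 * list. With `sm_preview` set, the message is stored in the session only and
 * the browser is redirected. Otherwise the message is inserted with the next
 * free `order` value and a success message is set.
 */
function new_sm()
{
    global $hesk_settings, $hesklang, $listBox;
    global $hesk_error_buffer;

    // A security check. This handler inserts a service message, so the request
    // token has to be verified. The call had been commented out; if that was
    // done because the form does not send the token, fix the form, not this check.
    hesk_token_check('POST');

    $hesk_error_buffer = array();

    // Only styles 0-4 are accepted, anything else falls back to 0
    $style = intval(hesk_POST('style', 0));
    if ($style > 4 || $style < 0) {
        $style = 0;
    }

    // Any non-empty value means type 1
    $type = empty($_POST['type']) ? 0 : 1;

    $title = hesk_input(hesk_POST('title'));
    if (!$title) {
        $hesk_error_buffer[] = $hesklang['sm_e_title'];
    }

    // NOTE(review): the message keeps its HTML; this relies on hesk_getHTML()
    // removing unsafe markup - confirm, since the result is stored as-is.
    $message = hesk_getHTML(hesk_POST('message'));

    // Any errors?
    if (count($hesk_error_buffer)) {
        $_SESSION['new_sm'] = array(
            'style' => $style,
            'type' => $type,
            'title' => $title,
            'message' => hesk_input(hesk_POST('message')),
        );

        $tmp = '';
        foreach ($hesk_error_buffer as $error) {
            $tmp .= "<li>{$error}</li>\n";
        }
        $hesk_error_buffer = $tmp;

        $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
        hesk_process_messages($hesk_error_buffer, 'service_messages.php');
    }

    // Just preview the message?
    if (isset($_POST['sm_preview'])) {
        $_SESSION['preview_sm'] = true;
        $_SESSION['new_sm'] = array(
            'style' => $style,
            'type' => $type,
            'title' => $title,
            'message' => $message,
        );
        header('Location: service_messages.php');
        exit;
    }

    // Get the latest service message order
    $res = hesk_dbQuery("SELECT `order` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` ORDER BY `order` DESC LIMIT 1");
    $row = hesk_dbFetchRow($res);

    // With no messages stored yet there is no row to read; start from 0
    $my_order = (empty($row) ? 0 : intval($row[0])) + 10;

    // Insert service message into database.
    // Strings are escaped; author, style, type and order are integers.
    hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` (`author`,`title`,`message`,`style`,`type`,`order`) VALUES (\n '" . intval($_SESSION['id']) . "',\n '" . hesk_dbEscape($title) . "',\n '" . hesk_dbEscape($message) . "',\n '{$style}',\n '{$type}',\n '{$my_order}'\n )");

    $_SESSION['smord'] = hesk_dbInsertID();
    hesk_process_messages($hesklang['sm_added'], 'service_messages.php', 'SUCCESS');
}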
/**
 * Move one ticket template in the list and renumber all templates.
 *
 * Reads `replyid` (template id) and `move` (offset added to `tpl_order`) from
 * GET, both cast to integers. After the move every template gets a new
 * `tpl_order` in steps of 10, then the browser is redirected to
 * manage_ticket_templates.php.
 */
function order_saved()
{
    global $hesk_settings, $hesklang;

    /* A security check: validate the request token before changing anything */
    hesk_token_check();

    $tplid = intval(hesk_GET('replyid'));
    if (!$tplid) {
        hesk_error($hesklang['ticket_tpl_id']);
    }
    $_SESSION['canned']['selcat2'] = $tplid;

    $tpl_move = intval(hesk_GET('move'));

    $templatesTable = "`" . hesk_dbEscape($hesk_settings['db_pfix']) . "ticket_templates`";

    hesk_dbQuery("UPDATE " . $templatesTable . " SET `tpl_order`=`tpl_order`+" . intval($tpl_move) . " WHERE `id`='" . intval($tplid) . "' LIMIT 1");
    if (hesk_dbAffectedRows() != 1) {
        hesk_error($hesklang['int_error'] . ': ' . $hesklang['ticket_tpl_not_found'] . '.');
    }

    /* Renumber every template in its new order: 10, 20, 30, ... */
    $result = hesk_dbQuery('SELECT `id` FROM ' . $templatesTable . ' ORDER BY `tpl_order` ASC');
    for ($position = 10; $mytpl = hesk_dbFetchAssoc($result); $position += 10) {
        hesk_dbQuery("UPDATE " . $templatesTable . " SET `tpl_order`=" . intval($position) . " WHERE `id`='" . intval($mytpl['id']) . "' LIMIT 1");
    }

    header('Location: manage_ticket_templates.php');
    exit;
}
/**
 * Build the SQL condition that limits a query to the categories of the
 * current user.
 *
 * @param string $what Column name; it is passed through hesk_dbEscape() and
 *                     wrapped in backticks. Pass fixed column names only.
 * @return string '1' for administrators, otherwise " `column` IN ('id','id',...)"
 *                built from $_SESSION['categories'].
 */
function hesk_myCategories($what = 'category')
{
    // Administrators are not restricted: '1' is an always-true condition
    if (!empty($_SESSION['isadmin'])) {
        return '1';
    }

    $column = hesk_dbEscape($what);

    // Every id is forced to an integer before it is placed into the list
    $categoryIds = array_map('intval', $_SESSION['categories']);

    return " `" . $column . "` IN ('" . implode("','", $categoryIds) . "')";
}
// Need to notify staff? // --> From autoassign? $getOwnerRs = hesk_dbQuery("SELECT * FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE ID = " . hesk_dbEscape($ticket['owner'])); $autoassign_owner = $getOwnerRs->fetch_assoc(); if ($ticket['owner'] && $autoassign_owner['notify_assigned']) { hesk_notifyAssignedStaff($autoassign_owner, 'ticket_assigned_to_you'); } elseif (!$ticket['owner']) { hesk_notifyStaff('new_ticket_staff', " `notify_new_unassigned` = '1' "); } array_push($submittedTickets, $innerResult['trackid']); hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "stage_tickets`\n WHERE `id` = " . $innerResult['id']); } //Add email address to the verified emails table hesk_dbQuery('INSERT INTO `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'verified_emails` (`Email`) VALUES (\'' . hesk_dbEscape($email) . '\')'); } hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "pending_verification_emails`\n WHERE `ActivationKey` = '" . hesk_dbEscape($key) . "'"); //-- was there an email recorded for the key? if (!empty($email)) { $showForm = false; ?> <div class="alert alert-success"> <p><i class="fa fa-check"></i> <?php echo sprintf($hesklang['email_verified'], $email); ?> </p> <ul> <?php foreach ($submittedTickets as $ticket) { echo '<li><a href="' . $hesk_settings['hesk_url'] . '/ticket.php?track=' . $ticket . '">' . $ticket . '</a></li>'; } if (count($submittedTickets) == 0) {
/**
 * Print a knowledgebase category page: the optional page header, the category
 * title with a back button, the sub-categories with their top articles, and
 * the list of articles in the category itself.
 *
 * All links point to knowledgebase_private.php.
 *
 * @param mixed $catid     Category id. It is cast with intval() every time it
 *                         is placed into SQL.
 * @param mixed $is_search When 0, the header include and hesk_kb_header() run
 *                         first; any other value skips them.
 *
 * NOTE(review): category names and article subjects read from the database
 * are echoed as-is in several places below. That is only safe if they were
 * HTML-encoded when stored - confirm, otherwise encode them on output.
 */
function hesk_show_kb_category($catid, $is_search = 0)
{
    global $hesk_settings, $hesklang;

    if ($is_search == 0) {
        /* Print header */
        require_once HESK_PATH . 'inc/header.inc.php';
        hesk_kb_header($hesk_settings['kb_link'], $catid);

        // Category 1 gets an extra notice ($hesklang['priv'])
        if ($catid == 1) {
            echo '<br/><div class="container priv-kb-text">' . $hesklang['priv'] . '</div><br/>';
        }
    }

    // Load the category; hesk_error() is called when no row is found
    $res = hesk_dbQuery("SELECT `name`,`parent` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `id`='" . intval($catid) . "' LIMIT 1");
    $thiscat = hesk_dbFetchAssoc($res) or hesk_error($hesklang['kb_cat_inv']);

    // Title and back button are printed only for categories that have a parent
    if ($thiscat['parent']) {
        // NOTE(review): $link is computed but not used anywhere in this function;
        // the back button uses the browser history instead.
        $link = $thiscat['parent'] == 1 ? 'knowledgebase_private.php' : 'knowledgebase_private.php?category=' . $thiscat['parent'];
        echo '<br/><div class="container homepageh3"> ' . $hesklang['kb_cat'] . ': ' . $thiscat['name'] . '</div><br/> <div class="container"><a href="javascript:history.go(-1)">' . '<button type="submit" class="btn btn-default goback-btn">' . $hesklang['back'] . '</button>' . '</a></div> ';
    }

    // Direct sub-categories of this category
    $result = hesk_dbQuery("SELECT `id`,`name`,`articles`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` WHERE `parent`='" . intval($catid) . "' ORDER BY `parent` ASC, `cat_order` ASC");
    if (hesk_dbNumRows($result) > 0) {
        ?> <div class="container"><b><?php echo $hesklang['kb_cat_sub']; ?> :</b></div><br/> <div class="container"> <?php $per_col = $hesk_settings['kb_cols'];
        // $i counts the cells in the current row (1 .. $per_col)
        $i = 1;

        // NOTE(review): rows and cells are echoed below, but no enclosing table
        // element is opened in this function.
        while ($cat = hesk_dbFetchAssoc($result)) {
            if ($i == 1) {
                echo '<tr>';
            }

            // Entries with type 1 are marked with an asterisk
            $private = $cat['type'] == 1 ? ' *' : '';

            echo ' <td width="50%" valign="top"> <table border="0"> <tr><td><img src="../img/folder.gif" width="20" height="20" alt="" style="vertical-align:middle" /><a href="knowledgebase_private.php?category=' . $cat['id'] . '">' . $cat['name'] . '</a>' . $private . '</td></tr> ';

            /* Print most popular/sticky articles */
            if ($hesk_settings['kb_numshow'] && $cat['articles']) {
                // One row more than is shown is requested, so that the "more" link
                // below can tell whether further articles exist
                $res = hesk_dbQuery("SELECT `id`,`subject`,`type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($cat['id']) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `views` DESC, `art_order` ASC LIMIT " . (intval($hesk_settings['kb_numshow']) + 1));
                $num = 1;
                while ($art = hesk_dbFetchAssoc($res)) {
                    $private = $art['type'] == 1 ? ' *' : '';
                    echo ' <tr> <td><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /> <a href="knowledgebase_private.php?article=' . $art['id'] . '" class="article">' . $art['subject'] . '</a>' . $private . '</td> </tr>';

                    // Stop after kb_numshow articles
                    if ($num == $hesk_settings['kb_numshow']) {
                        break;
                    } else {
                        $num++;
                    }
                }

                // More articles than shown: link to the sub-category
                if (hesk_dbNumRows($res) > $hesk_settings['kb_numshow']) {
                    echo '<tr><td>» <a href="knowledgebase_private.php?category=' . $cat['id'] . '"><i>' . $hesklang['m'] . '</i></a></td></tr>';
                }
            }

            echo ' </table> </td> ';

            // Close the row once it holds $per_col cells
            if ($i == $per_col) {
                echo '</tr>';
                $i = 0;
            }
            $i++;
        }

        /* Finish the table if needed */
        if ($i != 1) {
            for ($j = 1; $j <= $per_col; $j++) {
                echo '<td width="50%"> </td>';
                if ($i == $per_col) {
                    echo '</tr>';
                    break;
                }
                $i++;
            }
        }
        ?> </div> <?php } // END if NumRows > 0
    ?> <br/> <div class="container articles_categ"><b><?php echo $hesklang['ac']; ?> </b></div> <div> <?php $res = hesk_dbQuery("SELECT `id`, `subject`, LEFT(`content`, " . max(200, $hesk_settings['kb_substrart'] * 2) . ") AS `content`, `rating`, `type` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` WHERE `catid`='" . intval($catid) . "' AND `type` IN ('0','1') ORDER BY `sticky` DESC, `art_order` ASC");
    // The LEFT() length above comes from the settings, not from the request;
    // max() over a product yields a number.
    if (hesk_dbNumRows($res) == 0) {
        echo '<div class="container"><i>' . $hesklang['noac'] . '</i></div>';
    } else {
        echo '<div class="container table-responsive"><table class="table table-bordered" style="background-color: white;">';
        while ($article = hesk_dbFetchAssoc($res)) {
            $private = $article['type'] == 1 ? ' *' : '';
            // NOTE(review): the preview text is echoed as returned by
            // hesk_kbArticleContentPreview(); confirm that it returns HTML-safe text.
            $txt = hesk_kbArticleContentPreview($article['content']);
            echo ' <tr> <td> <table> <tr> <td width="1" valign="top"><img src="../img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td> <td valign="top"><a href="knowledgebase_private.php?article=' . $article['id'] . '">' . $article['subject'] . '</a>' . $private . '</td> </tr> </table> <table border="0" width="100%" cellspacing="0" cellpadding="1"> <tr> <td width="1" valign="top"><img src="../img/blank.gif" width="16" height="10" style="vertical-align:middle" alt="" /></td> <td><span class="article_list" style="word-break: break-all;">' . $txt . '</span></td> </tr> </table> </td> </tr>';
        }
        echo '</table></div>';
    }
    ?> </div> <?php }
/**
 * Print the list of the most recently dated knowledgebase articles.
 *
 * Only articles with `type` '0' whose category also has `type` '0' are listed
 * (presumably the public ones - confirm against the schema).
 *
 * @param mixed $how_many Maximum number of articles; cast with intval() for
 *                        the LIMIT clause.
 * @param mixed $index    Truthy for the index page (setting `kb_index_latest`,
 *                        italic title), falsy for the KB main page (setting
 *                        `kb_latest`, bold title).
 * @return true|null True when the list is disabled or no article was found;
 *                   nothing is returned after a list has been printed.
 *
 * NOTE(review): article subjects are echoed as-is; this is only safe if they
 * were HTML-encoded when stored - confirm.
 */
function hesk_kbLatestArticles($how_many, $index = 1)
{
    global $hesk_settings, $hesklang;

    // Index page or KB main page?
    if ($index) {
        // Disabled?
        if (!$hesk_settings['kb_index_latest']) {
            return true;
        }

        // Show title in italics
        $font_weight = 'i';
    } else {
        // Disabled?
        if (!$hesk_settings['kb_latest']) {
            return true;
        }

        // Show title in bold
        $font_weight = 'b';

        // Print a line for spacing if we don't show popular articles
        if (!$hesk_settings['kb_popart']) {
            echo '<hr />';
        }
    }
    // $font_weight is used as a tag name below; it can only be 'i' or 'b' here
    ?> <table border="0" width="100%"> <tr> <td>» <<?php echo $font_weight; ?> ><?php echo $hesklang['latart']; ?> </<?php echo $font_weight; ?> ></td> <?php /* Show the date column heading? (setting kb_date) */ if ($hesk_settings['kb_date']) {
        echo '<td style="text-align:right"><i>' . $hesklang['dta'] . '</i></td>';
    }
    ?> </tr> </table> <?php /* Get list of articles from the database */ $res = hesk_dbQuery("SELECT `t1`.`id`,`t1`.`subject`,`t1`.`dt` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_articles` AS `t1`\r\n\t\t\tLEFT JOIN `" . hesk_dbEscape($hesk_settings['db_pfix']) . "kb_categories` AS `t2` ON `t1`.`catid` = `t2`.`id`\r\n\t\t\tWHERE `t1`.`type`='0' AND `t2`.`type`='0'\r\n\t\t\tORDER BY `t1`.`dt` DESC LIMIT " . intval($how_many));

    /* If no results found end here */
    if (hesk_dbNumRows($res) == 0) {
        echo '<p><i>' . $hesklang['noa'] . '</i><br /> </p>';
        return true;
    }

    /* We have some results, print them out */
    ?> <div align="center"> <table border="0" cellspacing="1" cellpadding="3" width="100%"> <?php while ($article = hesk_dbFetchAssoc($res)) {
        echo ' <tr> <td> <table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="1" valign="top"><img src="img/article_text.png" width="16" height="16" border="0" alt="" style="vertical-align:middle" /></td> <td valign="top"> <a href="knowledgebase.php?article=' . $article['id'] . '">' . $article['subject'] . '</a></td> ';

        // Date cell, only when the kb_date setting is on
        if ($hesk_settings['kb_date']) {
            echo '<td valign="top" style="text-align:right" width="200">' . hesk_date($article['dt'], true) . '</td>';
        }

        echo ' </tr> </table> </td> </tr> ';
    }
    ?> </table> </div> <?php }